TODO

Task IDs

  • xxxx? Optional
  • xxxx. Normal
  • xxxx! Critical

Next ID: 40

Open Tasks

  • 39. Input Validation:
    • Test individual error messages for every forbidden input (implementing 37 might be useful here)
    • Simplify/Generalize the assert_XXX functions in input_validation.py
  • 38. Implement symmetric role review (see NIST, permission to role lookup + inherited flag)
  • 37? Subclass Exceptions to allow the api consumer more fine grained control when handling the errors.
  • 34. Allow the * wildcard for the action
  • 29? Doc - Permission Design Guide -> As a subsection of RBAC system design (hierarchies vs flat, naming conventions (subjects/roles, prefixes & uuids), ...)
  • 28. Doc - Design Rationale: Reasoning for certain design decisions
  • 26? Doc - Ensure closer alignment to style guide
  • 19. Provide json/yaml import/export utility function
  • 18. Provide FastAPI standalone service with RBAC functionality via REST API

Done Tasks

  • 35. Prevent usage of : and * within the strings in Subject, Roles, ResourceType, ResourceID and Action
    • Doc/Tests: Replace : usage in Container Permissions and use brackets
    • Lock down user input to disallow the : character
    • Lock down usage of * character in all but ResourceID (here single character only)
  • 36. Doc - Update Links in Readme
  • 32. Doc - Some docstrings do not list all possible reasons for raising an exception
  • 27. Doc - Add Auditing Guide
  • 22. Doc - write integration guide
  • 10. Doc - Compare to NIST
  • 21. Doc - Include external dependencies in build instead of using CDN
  • 11. Doc - Compare to ANSI (fix section 6/7 TODO)
  • 30! README some SVGs are not available on PyPI, replace the relative path with URL to GitLab (main branch)
  • 33. CI - Include isort + black job
  • 15. Tests:
    • Cover more than just next neighbor in role hierarchy tests.
      • role.ancestors
      • role.descendants
      • role.subjects
      • role.check_permission
      • role.assert_permission
      • role.actions_on_resource
      • role.permissions
      • role.policies
      • subject.roles
      • subject.check_permission
      • subject.actions_on_resource
      • subject.policies
      • subject.permissions
    • Test Permission.__eq__ and Permission.__neq__ methods
    • Test Policy.__eq__ and Policy.__neq__ methods
  • 25. Add missing docstrings:
    • subject.actions_on_resource, role.actions_on_resource
  • 24. Improve handling of psycopg errors in process_subject_role_integrity_error and process_policy_integrity_error
  • 16. Do not allow empty strings for subject, role, action and resource_type (resource_id is allowed to be empty)
    • Implement tests
    • Implement validation logic
  • 23. Doc - SEO and social description
  • 20. Doc - Include mkdocs social card
  • 9. Doc - Finalize README
  • 8. Doc - Add CHANGELOG
  • 3. Decide on an SEO-optimal package name
  • 2. Setup Doc hosting environment
  • 1. CI/CD Pipeline
    • Testing + Coverage
    • Doc building
    • Package publishing
    • Doc publishing
  • 17! Ensure that optional dependencies (psycopg) are really optional
  • 14. Doc - Declare how we differentiate between ascendants/parents & descendants/children
  • 13. Doc - Start with FAQ
    • Why we developed the library
    • Can I implement Feature Flagging?
  • 6. Add Postgres as explicit dependency group
  • 12. Add missing functionality
    • RBAC.role.subjects (include_descendant_subjects support)
    • RBAC.subject.roles (include_ascendant_roles support)
    • RBAC.role.actions_on_resource
    • RBAC.subject.actions_on_resource
  • 7. Support for Sqlite & PostgreSQL IntegrityErrors
  • 5. Write Python docstrings
    • RoleService
    • SubjectService
    • Util (plotting etc.)
    • Misc.
  • 4. Testing
    • Setup PyDocTest for markdown
    • RoleService
    • SubjectService
    • Util (plotting etc.)
    • Misc.
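Added example (not the library's own input_validation.py): a small validator that implements the identifier rules recorded under done tasks 35 and 16, i.e. no `:` anywhere, `*` only as the sole value of resource_id, and no empty strings except for resource_id. The field names, the rule table and the InvalidIdentifier exception are assumptions; the action wildcard of open task 34 is deliberately still rejected.

```python
# Hypothetical validator mirroring tasks 35 and 16 of the TODO; not the
# project's code. Rules:
#   - ':' is forbidden in every identifier (it is the container separator)
#   - '*' is forbidden everywhere except as the whole resource_id
#   - empty strings are forbidden, except resource_id may be empty

FORBIDDEN_CHARS = frozenset(":*")


class InvalidIdentifier(ValueError):
    """Raised when a user-supplied identifier breaks the rules above."""


def assert_identifier(field: str, value: str, *, allow_empty: bool = False,
                      allow_wildcard: bool = False) -> str:
    """Return value unchanged if it is a valid identifier for `field`."""
    if not isinstance(value, str):
        raise InvalidIdentifier(f"{field} must be a str, got {type(value).__name__}")
    if value == "":
        if allow_empty:
            return value
        raise InvalidIdentifier(f"{field} must not be empty")
    if value == "*":
        if allow_wildcard:
            return value
        raise InvalidIdentifier(f"{field} must not be the wildcard '*'")
    bad = sorted(set(value) & FORBIDDEN_CHARS)
    if bad:  # covers 'a:b' as well as partial wildcards such as 'doc*'
        raise InvalidIdentifier(f"{field} must not contain {bad!r}: {value!r}")
    return value


# Per-field rules (assumed names). Only resource_id gets the relaxations.
RULES = {
    "subject": {},
    "role": {},
    "resource_type": {},
    "resource_id": {"allow_empty": True, "allow_wildcard": True},
    "action": {},
}


def validate_fields(**fields: str) -> dict:
    """Validate any subset of the known fields; return them on success."""
    for name, value in fields.items():
        if name not in RULES:
            raise InvalidIdentifier(f"unknown field {name!r}")
        assert_identifier(name, value, **RULES[name])
    return fields


def is_valid(**fields: str) -> bool:
    """Boolean convenience wrapper around validate_fields."""
    try:
        validate_fields(**fields)
    except InvalidIdentifier:
        return False
    return True
```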